package com.afwsamples.testdpc.policy.keymanagement;

import android.annotation.TargetApi;
import android.app.Activity;
import android.app.AlertDialog;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.DialogInterface;
import android.os.AsyncTask;
import android.security.AttestedKeyPair;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.StrongBoxUnavailableException;
import android.util.Base64;
import android.util.Log;
import android.view.View;
import android.view.ViewGroup;
import android.widget.TextView;
import android.widget.Toast;
import com.afwsamples.testdpc.R;
import com.afwsamples.testdpc.policy.utils.Attestation;
import com.afwsamples.testdpc.policy.utils.AuthorizationList;
import com.afwsamples.testdpc.policy.utils.CertificateUtils;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes13.dex */
public class GenerateKeyAndCertificateTask extends AsyncTask<Void, Integer, AttestedKeyPair> {
    public static final String TAG = "PolicyManagement";
    private final Activity mActivity;
    private final ComponentName mAdminComponentName;
    final String mAlias;
    private final byte[] mAttestationChallenge;
    private final DevicePolicyManager mDevicePolicyManager;
    private final boolean mGenerateEcKey;
    private final int mIdAttestationFlags;
    final boolean mIsUserSelectable;
    private final boolean mUseStrongBox;

    public GenerateKeyAndCertificateTask(KeyGenerationParameters keyGenerationParameters, Activity activity, ComponentName componentName) {
        this.mAlias = keyGenerationParameters.alias;
        this.mIsUserSelectable = keyGenerationParameters.isUserSelectable;
        this.mAttestationChallenge = keyGenerationParameters.attestationChallenge;
        this.mIdAttestationFlags = keyGenerationParameters.idAttestationFlags;
        this.mUseStrongBox = keyGenerationParameters.useStrongBox;
        this.mGenerateEcKey = keyGenerationParameters.generateEcKey;
        this.mActivity = activity;
        this.mAdminComponentName = componentName;
        this.mDevicePolicyManager = (DevicePolicyManager) activity.getSystemService("device_policy");
    }

    @TargetApi(28)
    private void showKeyGenerationResult(AttestedKeyPair attestedKeyPair) {
        if (this.mActivity == null || this.mActivity.isFinishing() || attestedKeyPair == null) {
            return;
        }
        View inflate = this.mActivity.getLayoutInflater().inflate(R.layout.key_generation_result, (ViewGroup) null);
        List<Certificate> attestationRecord = attestedKeyPair.getAttestationRecord();
        TextView textView = (TextView) inflate.findViewById(R.id.attestation_details);
        if (attestationRecord == null || attestationRecord.size() <= 0) {
            textView.setText("<none>");
        } else {
            try {
                StringBuilder sb = new StringBuilder();
                Attestation attestation = new Attestation((X509Certificate) attestedKeyPair.getAttestationRecord().get(0));
                sb.append(((Object) this.mActivity.getText(R.string.attestation_challenge_description)) + "\n");
                sb.append(new String(attestation.getAttestationChallenge()) + "\n");
                AuthorizationList teeEnforced = attestation.getTeeEnforced();
                if (teeEnforced != null) {
                    sb.append(((Object) this.mActivity.getText(R.string.device_serial_number_description)) + "\n");
                    sb.append(teeEnforced.getSerialNumber() + "\n");
                    sb.append(((Object) this.mActivity.getText(R.string.device_imei_description)) + "\n");
                    sb.append(teeEnforced.getImei() + "\n");
                    sb.append(((Object) this.mActivity.getText(R.string.device_meid_description)) + "\n");
                    sb.append(teeEnforced.getMeid() + "\n");
                    sb.append("Individual Attestation:\n");
                    sb.append(teeEnforced.isIndividualAttestation() + "\n");
                }
                Certificate certificate = attestationRecord.get(attestationRecord.size() - 1);
                sb.append(String.format("%s: %d\n", this.mActivity.getText(R.string.attestation_chain_length_description), Integer.valueOf(attestedKeyPair.getAttestationRecord().size())));
                sb.append(String.format("%s\n%s\n", this.mActivity.getText(R.string.attestation_root_description), ((X509Certificate) certificate).getSubjectX500Principal().getName()));
                textView.setText(sb);
            } catch (CertificateParsingException e) {
                Log.e("PolicyManagement", "Failed parsing attestation record", e);
                textView.setText("<INVALID>");
            }
        }
        new AlertDialog.Builder(this.mActivity).setTitle(R.string.key_generation_successful).setView(inflate).setPositiveButton(android.R.string.ok, (DialogInterface.OnClickListener) null).show();
    }

    private void showToast(int i, String str) {
        if (this.mActivity.isFinishing()) {
            return;
        }
        Toast.makeText(this.mActivity, this.mActivity.getResources().getString(i) + " " + str, 0).show();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    @TargetApi(28)
    public AttestedKeyPair doInBackground(Void... voidArr) {
        try {
            KeyGenParameterSpec.Builder isStrongBoxBacked = new KeyGenParameterSpec.Builder(this.mAlias, 12).setDigests(McElieceCCA2KeyGenParameterSpec.SHA256).setIsStrongBoxBacked(this.mUseStrongBox);
            if (this.mAttestationChallenge != null) {
                isStrongBoxBacked.setAttestationChallenge(this.mAttestationChallenge);
            }
            if (this.mGenerateEcKey) {
                isStrongBoxBacked.setKeySize(256);
            } else {
                isStrongBoxBacked.setSignaturePaddings("PSS", "PKCS1").setKeySize(2048);
            }
            AttestedKeyPair generateKeyPair = this.mDevicePolicyManager.generateKeyPair(this.mAdminComponentName, this.mGenerateEcKey ? "EC" : "RSA", isStrongBoxBacked.build(), this.mIdAttestationFlags);
            if (generateKeyPair == null) {
                return null;
            }
            List<Certificate> attestationRecord = generateKeyPair.getAttestationRecord();
            if (attestationRecord != null) {
                Log.i("PolicyManagement", "Attestation record:");
                Iterator<Certificate> it = attestationRecord.iterator();
                while (it.hasNext()) {
                    Log.i("PolicyManagement", Base64.encodeToString(it.next().getEncoded(), 2));
                }
                Log.i("PolicyManagement", "End of attestation record.");
            }
            X500Principal x500Principal = new X500Principal("CN=TestDPC, O=Android, C=US");
            X509Certificate createCertificate = CertificateUtils.createCertificate(generateKeyPair.getKeyPair(), x500Principal, x500Principal);
            ArrayList arrayList = new ArrayList();
            arrayList.add(createCertificate);
            if (this.mDevicePolicyManager.setKeyPairCertificate(this.mAdminComponentName, this.mAlias, arrayList, this.mIsUserSelectable)) {
                return generateKeyPair;
            }
            return null;
        } catch (StrongBoxUnavailableException e) {
            Log.e("PolicyManagement", "StrongBox unavailable", e);
            return null;
        } catch (IOException e2) {
            e = e2;
            Log.e("PolicyManagement", "Failed to create certificate", e);
            return null;
        } catch (SecurityException e3) {
            Log.e("PolicyManagement", "Not permitted to generate key", e3);
            return null;
        } catch (CertificateException e4) {
            e = e4;
            Log.e("PolicyManagement", "Failed to create certificate", e);
            return null;
        } catch (OperatorCreationException e5) {
            e = e5;
            Log.e("PolicyManagement", "Failed to create certificate", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public void onPostExecute(AttestedKeyPair attestedKeyPair) {
        if (attestedKeyPair == null) {
            showToast(R.string.key_generation_failed, this.mAlias);
        } else {
            showToast(R.string.key_generation_successful, this.mAlias);
            showKeyGenerationResult(attestedKeyPair);
        }
    }
}
